Crypto Fails
Showcasing bad cryptography. Archive Ask Crypto Questions About Reasoning by Lego: The wrong way to think about cryptography. Scott Arciszewski from Paragon Initiative pointed me to this example of PHP cryptography. The code is bad and the crypto design is flawed, but as usual for this blog, we can learn something from it. Let’s ignore the fact that it’s using MCRYPT_RIJNDAEL_256 (the 256-bit block version of Rijndael, not AES) instead of MCRYPT_RIJNDAEL_128 (real AES), the fact that it’s not checking the return value of substr(), and the fact that it’s passing a hexadecimal-encoded key to a function that expects a binary string. I’ve covered all of these failings on this blog before, so I won’t touch on them again. Instead, let’s focus on two facts. First, it is doing “MAC then Encrypt” (MtA), which means the Message Authentication Code (MAC) is being applied to the plaintext message before encryption – contrary to modern crypto wisdom. Second, that the MAC is checked with a non-timing-safe comparison, which means that if an attacker can get really precise timing measurements of a failed decryption, they can find out how much of the MAC matches. In the “Encrypt then MAC” (EtM) design, where the MAC is applied to the ciphertext after encryption, this kind of a timing leak usually lets you forge a message. But this time, the MAC is inside the ciphertext, encrypted, so at a first glance, exploiting it seems more difficult. Indeed, the issue was brought up
FEATURES
ALTERNATIVES
GPG Sync is a tool designed to keep OpenPGP public keys up-to-date within an organization by offloading the complexity of key management to a single trusted person.
Using high-quality entropy sources for CSPRNG seeding is crucial for security.
A steganographic coder for WAV files that hides data in the LSB portions of each sample.
PII Crawler is a data scanning tool that identifies and locates Personally Identifiable Information in various file types and databases.
Microsoft Azure service for safeguarding cryptographic keys and secrets.
PINNED
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.